RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Negotiating Cloud Contracts
From:
Chris Flynn <[log in to unmask]>
Reply To:
Records Management Program <[log in to unmask]>
Date:
Thu, 18 Dec 2014 14:36:05 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (105 lines) 
"One has to wonder, do these newly minted titles also include the
responsibility for shouldering the impact of failed agreements when
information becomes compromised?"

Sounds right to me, if you are lucky.

Chris Flynn
At large
[log in to unmask]

On Thu, Dec 18, 2014 at 12:01 PM, Larry Medina <[log in to unmask]>
wrote:
>
> On Thu, Dec 18, 2014 at 9:16 AM, PeterK <[log in to unmask]> wrote:
>
> > It remains axiomatic that contracts for cloud computing services are
> > generally implemented on the provider’s terms. Even projecting forward
> the
> > current rate of evolution, it is hard to see that core principle
> changing.
> > However, contract terms are increasingly negotiable to some extent;
> > although the degree of negotiability pales in comparison with the
> > contracting model in traditional services-based outsourcing.
> >
> > In our experience there continues to be a (resigned) acceptance from most
> > customers of the providers’ terms – i.e., the terms are what they are,
> and
> > there’s a general recognition that that is the place to start. After all,
> > if a customer organization expects customization of services and  a
> > genuine negotiation of service terms, then maybe the cloud is not the
> right
> > place to be considering as a solution for those specific services.
> >
>
>
> Ahhhhh... a subject near and dear to my heart, contracting for services in
> the ubiquitous cloud.  Sadly, I cannot see the article as I can't access
> bit.ly links, but much has been written on this in the past and the
> 'landscape' hasn't changed (well, the risk hasn't been reduced) much over
> the past few years.
>
> Here are a couple of links to items from 2012 and 2013 that I think provide
> some excellent guidance on any consideration being given to "clouding" and
> there are some points in both of these that and RM being asked to provide
> input into the considerations can benefit from:
>
>
> https://journals.law.stanford.edu/sites/default/files/stanford-technology-law-review/online/cloudcontracts.pdf
>
> This is an exhaustive and highly detailed journal publication that cites
> many of the traps and pitfalls, especially when accepting a "Click-Through"
> contract:
>
> "While click-through may enable more efficient and flexible provisioning of
> information technology services, users risk exposures may be affected. As
> certain German data protection regulators noted, click-throughs speed and
> ease means some customers may be tempted to accept providers standard terms
> online, in order to start using the desired service quickly, without
> considering fully the nature or effect of those terms, or going through
> their organization's standard procurement procedures (such as legal or data
> protection review or security or other risk assessments) "
>
> This other is an ACC Powerpoint that details many of the tipping points
> being risks associated with a failure to ensure their is s flow-down of
> YOUR requirements and contract terms from you principal provider to any
> subcontractors, as well as concerns related to the use of Internationally
> based subcontractors.
>
>
> http://www.acc.com/chapters/gny/upload/Adler-Stern-ACC-GNY-presentation-August-2014-draft-2.pdf?&title=PowerPoint%20Presentation
>
> While there has been much hub-bub over the past year related to the role of
> "information governance" within organizations and the changing titles of
> many from RIM to IG specific titles, not much has been done to ensure these
> individuals can impact the terms and condition of existing or future
> contracts being engaged in that place information assets at considerable
> risk.
>
> One has to wonder, do these newly minted titles also include the
> responsibility for shouldering the impact of failed agreements when
> information becomes compromised?
>
> Larry
>
> --
> Larry
> [log in to unmask]
>
>
>
> *----Lawrence J. MedinaDanville, CARIM Professional since 1972*
>
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance
> To unsubscribe from this list, click the below link. If not already
> present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the
> message.
> mailto:[log in to unmask]
>

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2